'PCRegFixer Registry Cleaner' Tech Support Scam

Posted: August 14, 2017
Threat Metric
Threat Level: 2/10
Infected PCs 23

'PCRegFixer Registry Cleaner' Tech Support Scam Description

The 'PCRegFixer Registry Cleaner' tech support scam is a pop-up attack associated with fake Registry cleaners and corrupted website content. Threat actors whose phone numbers these messages promote may attempt to lock you out of your PC, collect information, or force you to pay money for fraudulent products. Use your anti-malware programs to terminate any symptoms or software related to this hoax and treat any information transferred to entities related to it as being compromised.

A Cleaner Software that's Cleaning out More than Your Registry

The division between a ransom-based attack against your computer and simple adware may seem relatively obvious, but con artists often blur these categorizations with both threatening software and misleading tactics. A recent iteration of a fake Registry cleaner campaign noted as the 'PCRegFixer Registry Cleaner' tech support scam currently, also has ties to related attacks that could do more than just encourage you to spend money on a non-working program. With sufficient access to your PC, the responsible threat actors also may lock you out of your computer completely.

Malware experts are finding limited characteristics of noteworthiness in the PCRegFixer product, which is a conventional, fake 'system-cleaning' Registry scanner. This program pretends to scan your PC for security vulnerabilities and other errors, such as corrupt Registry entries. Both this program and the websites related to it may use pop-ups for promoting its technical support hotline to purchase the 'full version' and removing these fake threats.

The odder aspect of the 'PCRegFixer Registry Cleaner' tech support scam appears with its prolonged interaction with the threat actors, who pose as technical support employees with various companies, such as Microsoft and Apple. They may ask the victim to grant them remote access to the PC. On Windows PCs, victims following these instructions may lock themselves out of their computers by allowing the remote attacker to exploit the default Windows component of Syskey, an encryption utility that also can protect the start-up process with a password. While this attack is much more invasive than it is traditional for such a tactic, it also gives the threat actors extra leverage for demanding money.

Fixing a Security Problem before It Fixes Your PC for Good

A safe counter-response to network-related phishing tactics like the 'PCRegFixer Registry Cleaner' tech support scam always includes disconnecting the compromised PC from the Internet, to prevent any threat actors from making additional changes to your computer. If their system backup data is intact, the users may be able to use the System Restore feature to revert to an earlier, non-password-protected state. In emergencies, there also are free Registry editing programs that can help victims reset their Syskey passwords outside of Windows, although wrong Registry values can cause further damage to the operating system.

For protecting your PC from any initial exposure to a 'PCRegFixer Registry Cleaner' tech support scam, malware experts recommend monitoring the infection vectors that most often associate with scamware. Disabling Flash, Java, and JavaScript, as well as blocking advertising content and pop-up windows can eliminate many in-browser vulnerabilities. Anti-malware programs also may include corrupted website-blocking features and detect any disguised installers for PCRegFixer.

Whether this fake technical support team aims for just a little money or total control over your computer, the 'PCRegFixer Registry Cleaner' tech support scam is a multifaceted security. However, even the best tactic only works with the unintentional help of the victim's poor security practices and tendencies towards self-endangerment.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to 'PCRegFixer Registry Cleaner' Tech Support Scam may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Adware 'PCRegFixer Registry Cleaner' Tech Support Scam

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.